2 Robert Speck Parkway, Suite 298 Mississauga ON
+1 888 366 4443
info@gige.ca

VPN Devices Need Patching: New Vulnerabilities Have Been Discovered

IT Services & IT Solutions Mississauga & Toronto

VPN Devices Need Patching: New Vulnerabilities Have Been Discovered

   Blog Posts IT Security IT Services    September 6, 2019 |  0
technology icon gallery

The Canadian Centre for Cybersecurity recently stressed the importance of keeping VPN devices up-to-date. Because VPN devices act as points of contact between a network and the internet, they are particularly vulnerable to cyberattack.

The Centre for Cybersecurity identified four types of VPN that are particularly vulnerable: Fortinet Forigate, Palo Alto GlobalProtect, Pulse Connect Secure, and Pulse Policy Secure. Vulnerabilities in these VPN services can allow attackers to do anything from changing passwords of user portals to downloading malicious files onto the victims’ computers. For example, Palo Algo GlobalProtect VPN is susceptible to a vulnerability called CVE-2019-1579 which, when exploited, allows attackers to execute unauthorized code on a computer without the permission of the user.

Troy Mursch, an independent researcher, stated that over 14 000 Pulse Secure VPN endpoints were still susceptible to the CVE-2019-11510 vulnerability. It was found that industries including military, government, universities, and hospitals are still affected.

These vulnerabilities were discovered by DEVCORE researchers during the recent Black Hat USA 2019 Conference – a computer security event with a focus around training and briefing. Prior to announcing the vulnerabilities to the public, the researchers disclosed their findings to the affected developers so official fixes would be released simultaneously.

Between April and July this year, several patches fixing the vulnerabiltiies were released by Fortinet, Palo Alto Networks, and Pulse Secure.

Protecting Yourself from VPN vulnerabilities

When known vulnerabilities are announced to the public, it is essential that you update your affected systems to the latest patches. Cyberattackers are constantly scanning the internet for endpoint devices that are unprotected. Many are now automating this process, making the threat more immediate than ever.

GIGE IT Corporation’s network security technicians have years of experience designing and deploying security solutions for businesses. Don’t leave yourself vulnerable to cyberattack – contact us at info@gige.ca or 888 366 4443 to get started with us immediately.

 

Cloud Solutions
IT Services
IT Solutions
Hours & Info
2 Robert Speck Parkway, Suite 298, Mississauga, ON L4Z 1H8
(888) 366-4443
info@gige.ca
Mon to Fri 8:30AM-5PM
Weekends Closed

Managed IT Services

Backup Process Engineering

Telephony

IT Support Help Desk

E-mail and Remote Connection

IT Infrastructure

Security IT Services

Data Storage Management

Server OS Update

Locations

Aurora

Brampton

Hamilton

Markham

Milton

Mississauga

Newmarket

Richmond Hill

Scarborough

Toronto

Vaughan

Navigation

Home

About Our IT Support

Cloud Solutions

Managed IT Services

IT Solutions

 

©  2022 GIGE IT Solutions: IT Services Mississauga. Built using WordPress and the Mesmerize Theme

%d bloggers like this: